II. AMENDMENTS TO THE CLAIMS 

The following listing of claims replaces all prior versions, and listings, of claims 
in the application: 

1 . (Currently Amended) A computerized method for protecting an identifier of a 
subscriber, during data transfer between a service provider and a content provider, when 
said subscriber sends a request to said service provider to obtain data belonging to said 
content provider, said computerized method comprising: 

executing on at least one computer the steps [[of]] including : 

upon reception of said subscriber request by said service provider for each 
new subscriber session: 

dynamically generating for each new session an encrypted token 
using said identifier of said subscriber, wherein a lifetime of the encrypted 
token is a user session lifetime, the generating using one of a symmetric 
and asymmetric encryption algorithm comprising: 
determining a separator (S); 
determining a time varying value (T); 
concatenating the subscriber identifier with T in a string 
such that the subscriber identifier and T are separated with S; 

encrypting the string with one of a symmetric and 
asymmetric encryption algorithm; and, 
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transmitting said subscriber request and said encrypted 
token to said content provider; 
upon reception by said service provider of a Simple Object Access 
Protocol (SOAP) certification request comprising an encrypted token, sent by said 
content provider: 

extracting said encrypted token from said SOAP certification 
request, wherein the encrypted token is in one of the SOAP body and a 
predefined SOAP header; 

decrypting said extracted encrypted token to determine said 
subscriber identifier using a decryption algorithm corresponding to the 
encryption algorithm; 

checking said determined subscriber identifier; and, 
transmitting a success or failure indication to said content provider 
in a SOAP response to said certification request; 
upon reception of said data belonging to said content provider by said 
service provider, transmitting said data belonging to said content provider to said 
subscriber ; and 

memorizing said encrypted token so that it can be reused without having 
to be recomputed . 

2. (Original) The method of claim 1, further comprising the step of verifying rights of 
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said subscriber, wherein said steps of computing an encrypted token and transmitting said 
subscriber request and said encrypted token to said content provider are done only if said 
subscriber holds corresponding rights. 

3. (Cancelled). 

4. (Original) The method of claim 1 further comprising the step of charging said 
subscriber if said determined subscriber identifier is certified. 

5. (Previously Presented) The method of claim 1 further comprising the step of 
formatting said data belonging to said content provider in a format suitable and usable by 
the subscriber. 

6. (Cancelled). 

7. (Cancelled). 

8. (Original) The method of claim 1 implemented using web service technology. 

9. (Currently Amended) An apparatus for protecting an identifier of a subscriber, during 
data transfer between a service provider and a content provider, when said subscriber 
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sends a request to said service provider to obtain data belonging to said content provider 
comprising: 

at least one computer including: 

a system for dynamically generating for each new session an encrypted 
token using said identifier of said subscriber, wherein a lifetime of the encrypted 
token is a user session lifetime, the generating system using one of a symmetric 
and asymmetric encryption algorithm comprising: 
determining a separator (S); 
determining a time varying value (T); 

concatenating the subscriber identifier with T in a string such that 
the subscriber identifier and T are separated with S; 

encrypting the string with one of a symmetric and asymmetric 
encryption algorithm; and, 

transmitting said subscriber request and said encrypted token to 
said content provider; 

a system for extracting said encrypted token from said SOAP certification 
request, wherein the encrypted token is in one of the SOAP body and a predefined 
SOAP header; 

a system for decrypting said extracted encrypted token to determine said 
subscriber identifier using a decryption algorithm corresponding to the encryption 
algorithm; 
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a system for checking said determined subscriber identifier; and, 

a system for transmitting a success or failure indication to said content 
provider in a SOAP response to said certification request; [[and]] 

a system for transmitting said data belonging to said content provider to 
said subscriber ; and 

a system for memorizing said encrypted token so that it can be reused 
without having to be recomputed . 



10. (Currently Amended) A computer program product comprising program code stored 
on a computer readable medium, which when executed, enables a computer system to 
implement a method for protecting an identifier of a subscriber, during data transfer 
between a service provider and a content provider, when said subscriber sends a request 
to said service provider to obtain data belonging to said content provider, the method 
comprising: 

upon reception of said subscriber request by said service provider for each new 
subscriber session: 

dynamically generating for each new session an encrypted token using 
said identifier of said subscriber, wherein a lifetime of the encrypted token is a 
user session lifetime, the generating using one of a symmetric and asymmetric 
encryption algorithm comprising: 

determining a separator (S); 
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determining a time varying value (T); 

concatenating the subscriber identifier with T in a string such that 
the subscriber identifier and T are separated with S; 

encrypting the string with one of a symmetric and asymmetric 
encryption algorithm; and, 

transmitting said subscriber request and said encrypted token to 
said content provider; 
upon reception by said service provider of a Simple Object Access Protocol 
(SOAP) certification request comprising an encrypted token, sent by said content 
provider: 

extracting said encrypted token from said SOAP certification request, 
wherein the encrypted token is in one of the SOAP body and a predefined SOAP 
header; 

decrypting said extracted encrypted token to determine said subscriber 
identifier using a decryption algorithm corresponding to the encryption algorithm; 
checking said determined subscriber identifier; and, 
transmitting a success or failure indication to said content provider in a 
SOAP response to said certification request; 

upon reception of said data belonging to said content provider by said service 
provider, transmitting said data belonging to said content provider to said subscribe r; and 
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memorizing said encrypted token so that it can be reused without having to be 
recomputed . 
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